Three charged for largest U.S. data breach scheme

NULLA federal grand jury in Newark last week charged three people with conducting “the single largest reported data breach in U.S. history … in which more than 130 million credit and debit card numbers were stolen” from a New Jersey credit card processor and other big businesses, according to Acting U.S. Attorney Ralph J. Marra Jr.

From October 2006 to May 2008, Miami resident Albert Gonzalez, 28, and two unnamed overseas co-conspirators hacked into the computer systems of Princeton-based Heartland Payment Systems Inc. and other large companies, Marra said.

Heartland provides credit, debit and prepaid card processing, payroll, and other payment services.

Gonzalez and his cohorts allegedly downloaded credit and debit card data and sold it to other parties, who used the information to make fraudulent purchases and unauthorized bank account withdrawals, and to engage in other identity theft schemes, according to Marra.

If convicted, each defendant faces up to 35 years in prison; each also faces $1.25 million in fines or twice the gain resulting from the offense, whichever is greater, Marra said.